privacy and cybersecurity

On December 18, 2020, the US Department of the Treasury (Office of the Comptroller of the Currency), Federal Reserve Board and Federal Deposit Insurance Corporation (FDIC) jointly announced a 53-page proposed rule that would require banks to notify their regulators within 36 hours of a “computer-security incident” that rises to the level of a “notification